Session Details

Modern 2FA in ASP.NET Core

For many years SMS was the industry’s go-to method of implementing two-factor authentication. But in recent years several high profile attacks have occurred in which attackers have taken advantage of flaws in SMS. In this session I will show you why current 2FA implementations using SMS are inadequate and what other options exist. I’ll also show off some modern software and hardware authenticators and then dive into some code showing how to integrate them into ASP.NET Core. Finally, let’s geek out about the future we all need: a future without passwords.